﻿<?php
session_start();
	require('./include/phpsqlajax_dbinfo.php');
	
	function parseToXML($htmlStr){
		$xmlStr=str_replace('&','&amp;',$htmlStr);
		return $xmlStr; 
	}
	
	 // Opens a connection to a MySQL server.
	$connection = mysql_connect ($server, $username, $password);
	if (!$connection) 
	{
	  die('Not connected : ' . mysql_error());
	}
	
	// Sets the active MySQL database.
	$db_selected = mysql_select_db($database, $connection);
	if (!$db_selected) 
	{
	  die ('Can\'t use db : ' . mysql_error());
	}
	//Set result charset to UTF-8
	 mysql_query('SET NAMES "utf8"');
	 
	/*
	 *geocode adress as alternative to clientsite reverse Geocoding
	 */
	$address1=$_POST['eventStreet']." ".$_POST['eventNr']." ".$_POST['eventTown']." ".$_POST['eventPlz'];
	$url='http://maps.googleapis.com/maps/api/geocode/xml?sensor=false&address='.urlencode($address1).'';
	$neuxml = simplexml_load_file($url) or die("url not loading");
	$status = $neuxml->status;
	if ($status=="OK") {
		$Lat = $neuxml->result->geometry->location->lat;
		$Lon = $neuxml->result->geometry->location->lng;
		$_POST['eventLat']=$Lat;
		$_POST['eventLong']=$Lon;
	}
	
	
	/*
	*update event Table (cultural user)
	*/
	if($_SESSION['privileges']==2){
		if($_POST['eventUserContact']!=""){
			/*
			*get User Contact Information
			*/
			$contact=explode(', ',$_POST['eventUserContact']);
			$getContactId='SELECT idContacts FROM contacts  WHERE surname="'.$contact[1].'" AND lastname="'.$contact[0].'" AND Users_IdUsers=(SELECT `idUsers` FROM `users` WHERE `username`="'.$_SESSION['username'].'")';
			$resContactId = mysql_query($getContactId)or die;
			$contactIdRow=mysql_fetch_row($resContactId);
			$updateEventTable=	'UPDATE `events` SET `lat`="'.$_POST['eventLat'].'",
							`long`="'.$_POST['eventLong'].'",`name`="'.$_POST['eventName'].'",`description`="'.$_POST['eventDescription'].'",`fee`="'.$_POST['eventFee'].'",`date`="'.$_POST['eventDatetime'].'",
							`visibility`="'.$_POST['eventVisibility'].'",`town`="'.$_POST['eventTown'].'",`plz`="'.$_POST['eventPlz'].'",`street`="'.$_POST['eventStreet'].'",
							`nr`="'.$_POST['eventNr'].'",`Contacts_idContacts`="'.$contactIdRow[0].'" WHERE `idEvents`="'.$_POST['eventId'].'"';
			mysql_query($updateEventTable)or die;
		}else{
			$updateEventTable2=	'UPDATE `events` SET `lat`="'.$_POST['eventLat'].'",
							`long`="'.$_POST['eventLong'].'",`name`="'.$_POST['eventName'].'",`description`="'.$_POST['eventDescription'].'",`fee`="'.$_POST['eventFee'].'",`date`="'.$_POST['eventDatetime'].'",
							`visibility`="'.$_POST['eventVisibility'].'",`town`="'.$_POST['eventTown'].'",`plz`="'.$_POST['eventPlz'].'",`street`="'.$_POST['eventStreet'].'",
							`nr`="'.$_POST['eventNr'].'",`Contacts_idContacts`=null WHERE `idEvents`="'.$_POST['eventId'].'"';
			mysql_query($updateEventTable2)or die;
		}
		
	/*
	*update event Table (admin user)
	*/
	}else{
		$updateEventTableAdmin=	'UPDATE `events` SET `lat`="'.$_POST['eventLat'].'",
						`long`="'.$_POST['eventLong'].'",`name`="'.$_POST['eventName'].'",`description`="'.$_POST['eventDescription'].'",`fee`="'.$_POST['eventFee'].'",`date`="'.$_POST['eventDatetime'].'",
						`visibility`="'.$_POST['eventVisibility'].'",`town`="'.$_POST['eventTown'].'",`plz`="'.$_POST['eventPlz'].'",`street`="'.$_POST['eventStreet'].'",
						`nr`="'.$_POST['eventNr'].'" WHERE `idEvents`="'.$_POST['eventId'].'"';
		mysql_query($updateEventTableAdmin)or die;
	}

	
	
	/*
	*update event categories
	*/
	
	//delete old categories before update
	$deleteEventCategories='DELETE FROM `events_has_eventcategories` WHERE `Events_idEvents`='.$_POST['eventId'].'';
	mysql_query($deleteEventCategories)or die (mysql_error());
	
	//insert event categories
	$eventCategories = explode(", ",$_POST['eventCategories']);
	for($i=0;$i<count($eventCategories);$i++){
		if($eventCategories[$i]!=""){
		$getEventCategory='SELECT `idEventCategories` FROM `eventcategories` WHERE `eventcategory`="'.$eventCategories[$i].'"';
		$resEventCategory = mysql_query($getEventCategory)or die;
		$eventCategoryRow=mysql_fetch_row($resEventCategory);
		$insertEventCategory='INSERT INTO `events_has_eventcategories`(`Events_idEvents`, `EventCategories_idEventCategories`) VALUES ("'.$_POST['eventId'].'","'.$eventCategoryRow[0].'")';
		mysql_query($insertEventCategory)or die (mysql_error());
		}
	}
	
	/*
	*update keyword
	*/
	
	//delete old keywords before update
	$deleteKeywords='DELETE FROM `keywords_has_events` WHERE `Events_idEvents`='.$_POST['eventId'].'';
	mysql_query($deleteKeywords)or die (mysql_error());
	
	//insert event keyword
	if($_POST['eventKeyword']!=''){
			$checkKeyword='SELECT COUNT(idKeywords),`idKeywords` FROM `keywords` WHERE `keyword`="'.$_POST['eventKeyword'].'"';
			$resKeyword = mysql_query($checkKeyword)or die;
			$keywordRow=mysql_fetch_row($resKeyword);
			if($keywordRow[0]==0){//test whether keyword already exist
				$insertNewKeyword='INSERT INTO `keywords`(`keyword`) VALUES ("'.$_POST['eventKeyword'].'")';
				mysql_query($insertNewKeyword)or die;
				$keywordId = mysql_insert_id();			
				$insertNewEventKeyword='INSERT INTO `keywords_has_events`(`Keywords_idKeywords`, `Events_idEvents`) VALUES ("'.$keywordId.'","'.$_POST['eventId'].'")';
				mysql_query($insertNewEventKeyword)or die;
			}else{
				$insertEventKeyword='INSERT INTO `keywords_has_events`(`Keywords_idKeywords`, `Events_idEvents`) VALUES ("'.$keywordRow[1].'","'.$_POST['eventId'].'")';
				mysql_query($insertEventKeyword)or die;
			}
		}
	
	/*
	*Update Links
	*/
	
	//Delete old link before update
	$updateLinks='UPDATE `links` SET `link`="'.$_POST['eventLink'].'" WHERE `Events_idEvents`="'.$_POST['eventId'].'"';
	mysql_query($updateLinks)or die (mysql_error());
	
	
	
?>